Gitiles
Code Review Sign In
gerrit.onosproject.org / onos / 06297ed61848699245191852e385a42f0c5b7122 / . / apps / acl / src / test / java / org / onosproject / acl / AclWebResourceTest.java
blob: 897e8b4f199a572b212e785fa3fa5226639cd4b6 [file] [log] [blame]
Pengfei Lue0c02e22015-07-07 15:41:31 +0800[diff] [blame]1/*
Brian O'Connora09fe5b2017-08-03 21:12:30 -0700[diff] [blame]2 * Copyright 2015-present Open Networking Foundation
Pengfei Lue0c02e22015-07-07 15:41:31 +0800[diff] [blame]3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
Ray Milkey2d572dd2017-04-14 10:01:24 -0700[diff] [blame]15 *
16 * Originally created by Pengfei Lu, Network and Cloud Computing Laboratory, Dalian University of Technology, China
17 * Advisers: Keqiu Li and Heng Qi
18 * This work is supported by the State Key Program of National Natural Science of China(Grant No. 61432002)
19 * and Prospective Research Project on Future Networks in Jiangsu Future Networks Innovation Institute.
Pengfei Lue0c02e22015-07-07 15:41:31 +0800[diff] [blame]20 */
21
Thomas Vachuska9bb32352015-09-25 11:31:22 -0700[diff] [blame]22package org.onosproject.acl;
Pengfei Lue0c02e22015-07-07 15:41:31 +0800[diff] [blame]23
Jian Li9d616492016-03-09 10:52:49 -0800[diff] [blame]24import org.glassfish.jersey.server.ResourceConfig;
25import org.glassfish.jersey.test.JerseyTest;
Pengfei Lue0c02e22015-07-07 15:41:31 +0800[diff] [blame]26import org.junit.After;
27import org.junit.Before;
Thomas Vachuska9bb32352015-09-25 11:31:22 -0700[diff] [blame]28import org.junit.Ignore;
Pengfei Lue0c02e22015-07-07 15:41:31 +0800[diff] [blame]29import org.junit.Test;
30import org.onlab.osgi.ServiceDirectory;
Thomas Vachuska9bb32352015-09-25 11:31:22 -0700[diff] [blame]31import org.onlab.osgi.TestServiceDirectory;
Pengfei Lue0c02e22015-07-07 15:41:31 +0800[diff] [blame]32import org.onlab.rest.BaseResource;
Pengfei Lue0c02e22015-07-07 15:41:31 +0800[diff] [blame]33import org.onosproject.core.IdGenerator;
34
Jian Li9d616492016-03-09 10:52:49 -0800[diff] [blame]35import javax.ws.rs.client.Entity;
36import javax.ws.rs.client.WebTarget;
Pengfei Lue0c02e22015-07-07 15:41:31 +0800[diff] [blame]37import java.io.IOException;
38import java.util.ArrayList;
39import java.util.List;
40import java.util.concurrent.atomic.AtomicLong;
41
Thomas Vachuska2048c1f2017-05-10 19:32:22 -0700[diff] [blame]42import static org.easymock.EasyMock.*;
Pengfei Lue0c02e22015-07-07 15:41:31 +0800[diff] [blame]43import static org.hamcrest.Matchers.containsString;
44import static org.junit.Assert.assertThat;
45
46/**
47 * Test class for ACL application REST resource.
48 */
Jian Li9d616492016-03-09 10:52:49 -0800[diff] [blame]49public class AclWebResourceTest extends JerseyTest {
Pengfei Lue0c02e22015-07-07 15:41:31 +0800[diff] [blame]50
51 final AclService mockAclService = createMock(AclService.class);
52 final AclStore mockAclStore = createMock(AclStore.class);
53 final List<AclRule> rules = new ArrayList<>();
54
Jian Li9d616492016-03-09 10:52:49 -0800[diff] [blame]55 /**
56 * Constructs a control metrics collector resource test instance.
57 */
58 public AclWebResourceTest() {
59 super(ResourceConfig.forApplicationClass(AclWebApplication.class));
60 }
61
Pengfei Lue0c02e22015-07-07 15:41:31 +0800[diff] [blame]62 @Before
Jian Li9d616492016-03-09 10:52:49 -0800[diff] [blame]63 public void setUpMock() {
Pengfei Lue0c02e22015-07-07 15:41:31 +0800[diff] [blame]64 expect(mockAclService.getAclRules()).andReturn(rules).anyTimes();
Jian Li9d616492016-03-09 10:52:49 -0800[diff] [blame]65 ServiceDirectory testDirectory = new TestServiceDirectory()
66 .add(AclService.class, mockAclService)
Pengfei Lue0c02e22015-07-07 15:41:31 +0800[diff] [blame]67 .add(AclStore.class, mockAclStore);
68 BaseResource.setServiceDirectory(testDirectory);
Thomas Vachuska9bb32352015-09-25 11:31:22 -0700[diff] [blame]69
Ray Milkey06297ed2018-01-22 17:13:41 -0800[diff] [blame^]70 AclRule.idGenerator = new MockIdGenerator();
Pengfei Lue0c02e22015-07-07 15:41:31 +0800[diff] [blame]71 }
72
73 @After
74 public void tearDown() {
75 verify(mockAclService);
76 }
77
78 /**
79 * Mock id generator for testing.
80 */
81 private class MockIdGenerator implements IdGenerator {
82 private AtomicLong nextId = new AtomicLong(0);
83
84 @Override
85 public long getNewId() {
86 return nextId.getAndIncrement();
87 }
88 }
89
90 @Test
Thomas Vachuska9bb32352015-09-25 11:31:22 -0700[diff] [blame]91 @Ignore("FIXME: This needs to get reworked")
92 public void addRule() throws IOException {
Jian Li9d616492016-03-09 10:52:49 -0800[diff] [blame]93 WebTarget wt = target();
Pengfei Lue0c02e22015-07-07 15:41:31 +0800[diff] [blame]94 String response;
95 String json;
Pengfei Lue0c02e22015-07-07 15:41:31 +0800[diff] [blame]96
97 replay(mockAclService);
98
Jian Li9d616492016-03-09 10:52:49 -0800[diff] [blame]99 // FIXME: following code snippet requires refactoring by extracting
100 // json string as a separated file
101
Pengfei Lue0c02e22015-07-07 15:41:31 +0800[diff] [blame]102 // input a invalid JSON string that contains neither nw_src and nw_dst
103 json = "{\"ipProto\":\"TCP\",\"dstTpPort\":\"80\"}";
Jian Li9d616492016-03-09 10:52:49 -0800[diff] [blame]104 response = wt.request().post(Entity.json(json), String.class);
Pengfei Lue0c02e22015-07-07 15:41:31 +0800[diff] [blame]105 assertThat(response, containsString("Failed! Either srcIp or dstIp must be assigned."));
106
107 // input a invalid JSON string that doesn't contain CIDR mask bits
108 json = "{\"ipProto\":\"TCP\",\"srcIp\":\"10.0.0.1\",\"dstTpPort\":\"80\",\"action\":\"DENY\"}";
Jian Li9d616492016-03-09 10:52:49 -0800[diff] [blame]109 response = wt.request().post(Entity.json(json), String.class);
Pengfei Lue0c02e22015-07-07 15:41:31 +0800[diff] [blame]110 assertThat(response, containsString("Malformed IPv4 prefix string: 10.0.0.1. " +
111 "Address must take form \"x.x.x.x/y\""));
112
113 // input a invalid JSON string that contains a invalid IP address
114 json = "{\"ipProto\":\"TCP\",\"srcIp\":\"10.0.0.256/32\",\"dstTpPort\":\"80\",\"action\":\"DENY\"}";
Jian Li9d616492016-03-09 10:52:49 -0800[diff] [blame]115 response = wt.request().post(Entity.json(json), String.class);
Pengfei Lue0c02e22015-07-07 15:41:31 +0800[diff] [blame]116 assertThat(response, containsString("Invalid IP address string: 10.0.0.256"));
117
118 // input a invalid JSON string that contains a invalid IP address
119 json = "{\"ipProto\":\"TCP\",\"srcIp\":\"10.0.01/32\",\"dstTpPort\":\"80\",\"action\":\"DENY\"}";
Jian Li9d616492016-03-09 10:52:49 -0800[diff] [blame]120 response = wt.request().post(Entity.json(json), String.class);
Pengfei Lue0c02e22015-07-07 15:41:31 +0800[diff] [blame]121 assertThat(response, containsString("Invalid IP address string: 10.0.01"));
122
123 // input a invalid JSON string that contains a invalid CIDR mask bits
124 json = "{\"ipProto\":\"TCP\",\"srcIp\":\"10.0.0.1/a\",\"dstTpPort\":\"80\",\"action\":\"DENY\"}";
Jian Li9d616492016-03-09 10:52:49 -0800[diff] [blame]125 response = wt.request().post(Entity.json(json), String.class);
Pengfei Lue0c02e22015-07-07 15:41:31 +0800[diff] [blame]126 assertThat(response, containsString("Failed! For input string: \"a\""));
127
128 // input a invalid JSON string that contains a invalid CIDR mask bits
129 json = "{\"ipProto\":\"TCP\",\"srcIp\":\"10.0.0.1/33\",\"dstTpPort\":\"80\",\"action\":\"DENY\"}";
Jian Li9d616492016-03-09 10:52:49 -0800[diff] [blame]130 response = wt.request().post(Entity.json(json), String.class);
Pengfei Lue0c02e22015-07-07 15:41:31 +0800[diff] [blame]131 assertThat(response, containsString("Invalid prefix length 33. The value must be in the interval [0, 32]"));
132
133 // input a invalid JSON string that contains a invalid ipProto value
134 json = "{\"ipProto\":\"ARP\",\"srcIp\":\"10.0.0.1/32\",\"dstTpPort\":\"80\",\"action\":\"DENY\"}";
Jian Li9d616492016-03-09 10:52:49 -0800[diff] [blame]135 response = wt.request().post(Entity.json(json), String.class);
Pengfei Lue0c02e22015-07-07 15:41:31 +0800[diff] [blame]136 assertThat(response, containsString("ipProto must be assigned to TCP, UDP, or ICMP."));
137
138 // input a invalid JSON string that contains a invalid dstTpPort value
139 json = "{\"ipProto\":\"TCP\",\"srcIp\":\"10.0.0.1/32\",\"dstTpPort\":\"a\",\"action\":\"DENY\"}";
Jian Li9d616492016-03-09 10:52:49 -0800[diff] [blame]140 response = wt.request().post(Entity.json(json), String.class);
Pengfei Lue0c02e22015-07-07 15:41:31 +0800[diff] [blame]141 assertThat(response, containsString("dstTpPort must be assigned to a numerical value."));
142
143 // input a invalid JSON string that contains a invalid action value
144 json = "{\"ipProto\":\"TCP\",\"srcIp\":\"10.0.0.1/32\",\"dstTpPort\":\"80\",\"action\":\"PERMIT\"}";
Jian Li9d616492016-03-09 10:52:49 -0800[diff] [blame]145 response = wt.request().post(Entity.json(json), String.class);
Pengfei Lue0c02e22015-07-07 15:41:31 +0800[diff] [blame]146 assertThat(response, containsString("action must be assigned to ALLOW or DENY."));
147 }
148}